Web Application Security

Conventional network and infrastructure security provides little if any protection against the growing number or application specific threats, and attacks against Web based applications. Application security is a complex discipline and one that demands its own processes, risk management activities and very well educated software development teams.

To build secure applications, security engineering activities need to be integrated into the software development lifecycle. Jcom have experts available in security engineering and in .NET application security who are core members of the Microsoft patterns & practices security team and their expertise stems from the experience gained in helping Microsoft to build and deliver patterns & practices security guidance dedicated to helping customers plan, build, deploy and operate secure .NET Web applications. This includes Volume I, "Building Secure ASP.NET Applications: Authentication, Authorization and Secure Communications" and Volume II, "Improving Web Application Security: Threats and Countermeasures", together with an emerging series of security engineering guidance.

Jcom can use their proven Microsoft expertise to help you design, build and deploy secure applications. Specific services offered include:

• Application risk management
• Lifecycle process improvements for security
• Threat modeling
• Architecture and design reviews for security
• Code reviews for security
• Deployment reviews for security
• Security training for executives, project managers and developers

For more information on our Microsoft Professional Services please use the links to the left or call the software services team on 0208 943 2222.